Latest News

For the latest news and ASX announcements Click here

Certified Information Security Management
ISO 27001 Information Security Management Certified Tier III Certified WALGA Preferred Supplier Logo

Urgent DC Two Security Update: Protect Your Business from the Impact of the CryptoLocker or Similar Ransomware Virus

10th March 2020

Back to news index page
Previous Article: Is your business ready to enable staff to work from home?
Next Article: Mid West site update
Secure your business from crypto lockers and ransom ware
Cryptolockers and ransomware can be crippling for any business

Threat

CryptoLocker is not a new virus threat. It has been around for several years and is a well-known and documented potentially devastating business threat. In the words of the Australian Cyber Security Centre (ACSC https://www.cyber.gov.au/)

CryptoLocker is "A particularly malicious type of ransomware which, once installed on your computer, encrypts and locks all of the files on the infected computer. A pop-up window will then display on the computer screen requesting payment of a ransom in return for a key to unlock the encrypted files. Paying the ransom does not guarantee removal."

Impact and Solution

If your IT infrastructure falls to a 'CryptoLocker' your entire business will lose access to every aspect of your day to day systems. That means employees unable to work, sales unable to happen, receipts or bills unable to process; culminating potentially in brand damage, loss of reputation leading to significant 'recovery' expenditure.

Having the correct defensive IT security procedures to prevent infection are well known and implementable. However, threat vectors from these viruses evolve as the bad actors behind them try to circumvent the current protective strategies.

To counter this, DC Two continually evolve and monitor these threats to ensure our partners and customers IT systems and infrastructure are best protected with a Crypto Failsafe approach to ensure the best possible systems for prevention and recovery.

Recent Real World CryptoLocker Attack

Recently our security team had to provide emergency assistance to an Australian based multi-national IT service provider who had both their internal and entire client networks locked down, this included both live and backup server infrastructure. In this case, many of the known defensive strategies were not fully implemented (due to a combination of factors including lack of best practice knowledge regarding systems being used, decisions made based on cost and to a certain extent complacency as to impact potential). This has resulted in potentially devastating financial impact for those infected businesses.

Impacted Business IT & Procedural Set Up Vs DC Two Crypto Failsafe Recommended

Actual Impacted Business IT & Procedural Set Up
DC Two Crypto Failsafe Recommended IT & Procedural Set Up
Uncontrolled management of multiple OS on Servers and Desktops
OS standardization. 24-48 hour OS patching and monitoring to resist latest threats
Office 365 hosted on Azure "backup option not selected"
Backups deployed for All Services "Cannot opt out"
Limited systems backup strategy
Backup strategy including both offsite and offline daily backup and replication
No email content scanning
Anti-Virus & content filtering / sandboxing
Shared network which included backup servers
Network segmentation & segregation to firstly isolate and secondly slow down attack impact
Limited user education of best security practices
Regular and updated staff training and best practice education for threat awareness
Shared Security Appliance for all clients (Physical)
Every client has dedicated front end Virtual Security Appliance
Many Administrators and Full Access Users
Restrict admin privileges based on staff duties
Applications installed and managed in an uncontrolled open system
Application White listing "Approved / trusted programs only"
Insufficient Disaster Recovery plan, combined with the security threat weaknesses extended the recovery period by multiple days. Significant cost implications for business "Lost revenue, staff costs, emergency IT recovery costs"
DC Two Crypto Failsafe implementation combined with comprehensive Disaster Recovery plan significantly improves recovery time and limits costs incurred

DC Two can assist you in auditing your IT infrastructure and provide guidance and options to implement a Crypto Failsafe set up. With the appropriate procedures, network topology, education and planning not only will your IT infrastructure be best protected from infection, it will also be more resilient. Recovery from problems will counted in minutes or hours as opposed to days.

Protect your business from Crypto lockers and Ransomware
Protect your business with a properly implemented security plan

For more information on how to prevent CryptoLocker as well as crypto safe backups contact DC Two.

Communication preferences:

Testimonials

DC Two is a company with whom we have an excellent working relationship. In the past two years, we have been rapidly growing our business with them. They are now one of our largest customers in WA and for good reason. Not only are they are technology experts, they also recognise that technology exists to support a business outcome. They are easy to talk to and are willing to listen when exploring new ideas. I have found them to be responsive, honest and trustworthy and I would not hesitate in recommending them as a potential business partner to anyone.

- Gary Roberts, Digicor

DC Two Limited

ACN 155 473 304

Phone
+61 8 6141 1011
Email
info@dctwo.com.au
Investors
investors@dctwo.com.au
Sales
sales@dctwo.com.au
Support
support@dctwo.com.au
Accounts
accounts@dctwo.com.au

Customers

Partner Information

Data Centre Products

Cloud Services

Disaster Recovery Solutions

Virtual Desktop Solutions

Products & Services Index

Solutions Index

Data Centre Locations

Modular Data Centres

Company

Investor Information

Contact & Resources

Privacy

|

Site Terms

|

Copyright © 2023 DC Two Limited (ACN 155 473 304) and all subsidiaries. All rights reserved.